Companies rely on crowdsourced security to boost security efforts
61% of organizations perform attack surface discovery to offset frequently changing assets in their attack surface and attack surface expansion, yet 40% of companies perform …
bug bounty
HP expands its Bug Bounty Program to focus on office-class print cartridge security vulnerabilities
HP has expanded its Bug Bounty Program to focus specifically on office-class print cartridge security vulnerabilities. The program underscores HP’s commitment to delivering …
Study of global hackers and the economics of security research
Human ingenuity supported by actionable intelligence were found to be critical ingredients to maintaining a resilient infrastructure, Bugcrowd reveals. In fact, 78% of hackers …
Microsoft announces limited Azure Sphere bug bounty program
Microsoft has announced a new security research / bug bounty program aimed at testing and improving the security of Azure Sphere, its comprehensive IoT security solution. The …
Full-time bug hunting: Pros and cons of an emerging career
Being a bug hunter who discloses their discoveries to vendors (as opposed to selling the information to the highest bidder) has been and is an ambition of many ethical …
Microsoft invites gamers and researchers to new Xbox bug bounty program
Gamers, security researchers, and technologists have been invited to identify security vulnerabilities in Xbox network and services and report them to Microsoft. Bounty …
Kubernetes bug bounty program open to anyone, rewards up to $10,000
The Cloud Native Computing Foundation is inviting bug hunters to search for and report vulnerabilities affecting Kubernetes. Offered bug bounties range between $100 to …
Google ups bug bounties for Android flaws, exploits
Google has expanded the Android Security Rewards (ASR) program and increased the bug bounties it’s willing to award for certain kinds of exploits. About the Android …
GitHub Security Lab aims to make open source software more secure
GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by …
Google will pay for data abuse reports related to popular Android apps, Chrome extensions
Google is expanding the Google Play Security Reward Program (GPSRP) to include all apps in Google Play with 100 million or more installs, and is launching a new Developer Data …
Apple expands bug bounty program, opens it to all researchers, raises rewards
Three years ago at the Black Hat conference, Apple announced its first bug bounty program, which was invite-only and limited to iOS. At this year’s edition of the con, …
Microsoft sets up isolated environment for bug hunters to test attacks against Azure
Microsoft has some very good news for bug hunters: not only has the company doubled the top bounty reward for vulnerabilities discovered in its Azure cloud computing service, …
